From 4dcb696e88b29a16dc10c05f4f0d339f3cf8982f Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Thu, 12 May 2016 09:23:04 +0200
Subject: [PATCH] #3 Use explicit credentials to create dbs and users

---
 tasks/install.yml | 19 -------------------
 tasks/main.yml    | 14 +++++++++++---
 tasks/mysql.yml   | 37 +++++++++++++++++++++++++++++++++++++
 3 files changed, 48 insertions(+), 22 deletions(-)
 create mode 100644 tasks/mysql.yml

diff --git a/tasks/install.yml b/tasks/install.yml
index d246696..bea448c 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -172,24 +172,5 @@
     - crontabs
   tags: 'cron'
 
-- name: "Ensure Database"
-  mysql_db:
-    name='{{ item.db.name }}'
-    state='present'
-  with_items: '{{ drupal.domains }}'
-
-- name: "Create MySQL User"
-  mysql_user:
-    user='{{ item.0.db.username }}'
-    password='{{ item.0.db.password|default(mysql_root_password|default("root")) }}'
-    host='{{ item.1 }}'
-    check_implicit_admin=yes
-    priv='{{ item.0.db.name }}.*:ALL'
-  with_nested:
-    - '{{ drupal.domains }}'
-    - ['localhost', '127.0.0.1', '::1', '{{ inventory_hostname }}']
-  when: item.0.db.username is defined and item.0.db.username != 'root'
-  notify: "MySQL | Restart MySQL"
-
 - name: "Set Extended Permissions"
   command: setfacl -dRm u:{{ apacheUser }}:rwX,g:{{ apacheUser }}:rwX,o::rX {{ webRoot }}/files
diff --git a/tasks/main.yml b/tasks/main.yml
index d11467e..9fbdeb9 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -19,7 +19,15 @@
 
   when: '"letsencrypt" not in excluded_roles'
 
-- name: "Install Drupal"
-  include: install.yml
-  with_items: '{{ drupal_settings }}'
+- block:
+  - name: "Install Drupal"
+    include: install.yml
+    with_items: '{{ drupal_settings }}'
+
+  - name: "Install Drupal Databases and Users"
+    include: mysql.yml
+    with_subelements:
+      - '{{ drupal_settings }}'
+      - domains
+
   when: '"drupal" not in excluded_roles and drupal_install_drupal'
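Review bot: The new `include: mysql.yml` passes its input only through the implicit `item` of `with_subelements`, which is a (settings entry, domain) pair, while mysql.yml also runs its own `with_items` loop under the same name. That ambiguity already shows in mysql.yml, where the port `set_fact` template reads `item.db.host` but its `when` reads `domain.db.host`. The lookup therefore probably never sees the domain's database host and falls back to `inventory_hostname`. Using `domain.db.host` in both expressions would fix it. If the Ansible version in use supports `loop_control`, a named `loop_var` on this include would make the contract explicit.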
diff --git a/tasks/mysql.yml b/tasks/mysql.yml
new file mode 100644
index 0000000..02363da
--- /dev/null
+++ b/tasks/mysql.yml
@@ -0,0 +1,37 @@
+---
+# file: roles/drupal/tasks/mysql.yml
+
+- block:
+  - set_fact: domain='{{ item.1 }}'
+  - set_fact: port='3306'
+  - set_fact: port='{{ hostvars[item.db.host|default(inventory_hostname)]["ssh_tunnel_ports"][0]["local"] }}'
+    when: hostvars[domain.db.host|default(inventory_hostname)]["ssh_tunnel_ports"] is defined
+  tags: always
+
+- name: "Ensure Database"
+  mysql_db:
+    name='{{ domain.db.name }}'
+    login_user='root'
+    login_password='{{ mysql_root_password|default("root") }}'
+    login_host='127.0.0.1'
+    login_port='{{ port }}'
+    state='present'
+
+- name: "Create MySQL User"
+  mysql_user:
+    user='{{ domain.db.username }}'
+    password='{{ domain.db.password|default(mysql_root_password|default("root")) }}'
+    host='{{ item }}'
+    check_implicit_admin=yes
+    priv='{{ domain.db.name }}.*:ALL'
+    login_user='root'
+    login_password='{{ mysql_root_password|default("root") }}'
+    login_host='127.0.0.1'
+    login_port='{{ port }}'
+  with_items:
+    - 'localhost'
+    - '127.0.0.1'
+    - '::1'
+    - '{{ inventory_hostname }}'
+  when: domain.db.username is defined and domain.db.username != 'root'
+  notify: "MySQL | Restart MySQL"
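Review bot: Both tasks log in with `mysql_root_password|default("root")`, and "Create MySQL User" falls back to that same expression for `password`. A host where the variables are unset is therefore administered with a well-known root password, and the Drupal account receives the root credential. The fallback is carried over from the tasks removed from install.yml, but an explicit-credentials change is the natural place to drop it. Prefer `login_password='{{ mysql_root_password }}'` and `password='{{ domain.db.password }}'` so the play fails when a secret is missing. Both tasks pass passwords as module arguments, so `no_log: true` on each would keep them out of verbose output and logs.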
-- 
GitLab